From mboxrd@z Thu Jan  1 00:00:00 1970
From: Aurelien Jarno <aurelien@aurel32.net>
Subject: virtio-rng only returns zeros with CONFIG_HW_RANDOM=m
Date: Mon, 25 Feb 2013 00:11:54 +0100
Message-ID: <20130224231154.GA30477@hall.aurel32.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-15
Cc: Ian Molton <ian.molton@collabora.co.uk>,
	Matt Mackall <mpm@selenic.com>,
	Rusty Russell <rusty@rustcorp.com.au>,
	Herbert Xu <herbert@gondor.apana.org.au>
To: kvm@vger.kernel.org
Return-path: <kvm-owner@vger.kernel.org>
Received: from hall.aurel32.net ([88.191.126.93]:53079 "EHLO hall.aurel32.net"
	rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
	id S1758842Ab3BXXga (ORCPT <rfc822;kvm@vger.kernel.org>);
	Sun, 24 Feb 2013 18:36:30 -0500
Content-Disposition: inline
Sender: kvm-owner@vger.kernel.org
List-ID: <kvm.vger.kernel.org>

Hi,

I have noticed that virtio-rng only returns zero for kernels >= 2.6.33
built with CONFIG_HW_RANDOM=m. This is a bit much too predictable for a
random generator ;-).

The reason for that is virtio expects guest real addresses, while
rng_core.ko (ie when built as a module) is passing a vmalloced buffer 
to the virtio-rng read function, declared as such:

  static u8 rng_buffer[SMP_CACHE_BYTES < 32 ? 32 : SMP_CACHE_BYTES]
          __cacheline_aligned;

This is basically the same issue than the following one:

  https://lists.linux-foundation.org/pipermail/virtualization/2008-May/010946.html

but introduced in a more subtle way in this commit:

  commit bb347d98079a547e80bd4722dee1de61e4dca0e8
  Author: Ian Molton <ian.molton@collabora.co.uk>
  Date:   Tue Dec 1 15:26:33 2009 +0800

      hwrng: virtio-rng - Convert to new API
    
      This patch converts virtio-rng to the new hw_rng API.
    
      In the process it fixes a previously untriggered buffering bug where the
      buffer is not drained correctly if it has a non-multiple-of-4 length.
    
      Performance has improved under qemu-kvm testing also.
    
      Signed-off-by: Ian Molton <ian.molton@collabora.co.uk>
      Acked-by: Matt Mackall <mpm@selenic.com>
      Acked-by: Rusty Russell <rusty@rustcorp.com.au>
      Signed-off-by: Herbert Xu <herbert@gondor.apana.org.au>


I basically see three possible way of fixing that:
- prevent rng_core to be built as a module;
- use an intermediary kmalloced buffer in virtio-rng passed to virtio
  functions, followed by a memcpy to get the data in the rng core
  buffer;
- use a kmalloc buffer in rng_core instead of vmalloc one.

What would be best way to fix that? Did I miss another way?

Thanks,
Aurelien

-- 
Aurelien Jarno	                        GPG: 1024D/F1BCDB73
aurelien@aurel32.net                 http://www.aurel32.net